package backtype.storm.security.auth;

import java.util.Map;

/**
 * Nimbus could be configured with an authorization plugin. If not specified,
 * all requests are authorized.
 * 
 * You could specify the authorization plugin via storm parameter. For example:
 * storm -c
 * nimbus.authorization.class=backtype.storm.security.auth.NoopAuthorizer ...
 * 
 * You could also specify it via storm.yaml: nimbus.authorization.class:
 * backtype.storm.security.auth.NoopAuthorizer
 */
public interface IAuthorizer {
	/**
	 * Invoked once immediately after construction
	 * 
	 * @param conf
	 *            Storm configuration
	 */
	void prepare(Map storm_conf);

	/**
	 * permit() method is invoked for each incoming Thrift request.
	 * 
	 * @param context
	 *            request context includes info about
	 * @param operation
	 *            operation name
	 * @param topology_storm
	 *            configuration of targeted topology
	 * @return true if the request is authorized, false if reject
	 */
	public boolean permit(ReqContext context, String operation,
			Map topology_conf);
}
